Nevada Cybersecurity 2
60 Standards
8.1.1
Describe the steps of the cybersecurity lifecycle (e.g., people, process and tools)
8.1.2
Write a set of principles, rules, and practices to provide guidance and direction
8.1.3
Follow appropriate decision-making model to determine correct response procedures
8.2.1
Plan, prepare, and develop scope for a Cyber Incident Response Plan
8.2.2
Determine correct detection, mitigation, and reporting processes
8.2.3
Evaluate assessment and decision-making steps when handling an incident or event
8.2.4
Determine correct investigative procedures
8.2.5
Gather intelligence from a variety of sources including open source and others
8.2.6
Document intelligence gathering efforts including who, what, when, where, why, and how
8.2.7
Determine extent of event or incident scope including severity
8.2.8
Determine correct containment steps based on the type of incident or event encountered
8.2.9
Implement the correct eradication response and processes
8.2.10
Determine next steps post investigation (post breach) from legal, HR, news media response
8.3.1
Determine the appropriate security control, technique or process based on the property, system or data you are protecting
8.3.2
Explain the importance of security controls, techniques, and threat risk assessments
8.3.3
Select the appropriate solution to eliminate vulnerabilities and establish a security baseline
8.3.4
Develop plans to protect a variety of property, systems, or data
8.3.5
Implement the appropriate controls to ensure security of property, systems, or data
8.3.6
Compare and contrast alternative methods to mitigate security risks for data in transit and data at rest
8.4.1
Describe the digital chain of custody process for tracking data and equipment (legal evidence)
8.4.2
Describe all steps to capture and maintain evidence
8.4.3
Follow chain of custody procedures
8.4.4
Maintain detailed records (e.g., chain of custody forms, evidence collection forms, etc.)
8.4.5
Track digital evidence (e.g., how it has been gathered, tracked, and protected)
8.4.6
Describe a chain of custody
8.4.7
Develop a plan for data transport, encryption to avoid alteration of data and legal holds
8.4.8
Develop a plan for recovery, disposal of evidence, and follow up
8.4.9
Write a forensics summary report
9.1.1
Summarize basic forensic concepts and practices including eDiscovery, documentation, chain of custody, and data transport
9.1.2
Determine a first responder’s logical approach during an investigation with objective, evidence-based research
9.1.3
Review the First Responder steps and processes for proper documentation
9.1.4
Explain what eDiscovery is including the contextual process for electronic evidence collection (Electronically Stored Information ESI)
9.1.5
Observe and discuss legal restrictions, stipulations, regulatory compliance, and confidentiality when gathering evidence
9.1.6
Summarize Chain of Custody processes during investigations
9.2.1
Explain the proper use of penetration testing versus vulnerability scanning
9.2.2
Explain the many types of vulnerabilities, exploits, and cyber threats a First Responder encounters
9.2.3
Discover the common types of cyber threat actors including Cybercriminals, Attention-Seekers, Hacktivists, Jihadi Hackers, and Nation States
9.2.4
Explain and summarize the common cybersecurity attacks including the preferred tactics, techniques, and procedures (TTPS) of threat actors
9.2.5
Examine and summarize the targets of cyber threat actors including governments, military agencies, non-profits, and businesses across sectors including retail, legal, energy, healthcare, technology, entertainment, and telecommunications
9.2.6
Review and examine geopolitical flashpoints (e.g., U.S.-China Relations, Iranian Nuclear Accord, Economic Sanctions on Russia, Syrian Conflict, ISIS-related Activity, North Korean Policy, StateSponsored Cyber Activity, Cybersecurity Regulations)
9.3.1
Describe and demonstrate various methods and tools for threat detection and eDiscovery
9.3.2
Describe and demonstrate vulnerability management methods, practices, and scanning tools
9.3.3
Describe and demonstrate various practices, methods, and tools for penetration testing
9.3.4
Identify encryption methods and demonstrate tools to decipher encrypted data
9.3.5
Review basic cryptography concepts, methods, and its relationship to forensics
9.3.6
Identify Web application exploits, vulnerabilities
9.3.7
Describe and demonstrate Web Application Security and Scanning methods and tools
9.3.8
Identify methods or tools to eliminate cloud exploits and vulnerabilities
9.3.9
Describe and demonstrate a working knowledge of phishing attacks and mitigation steps
9.4.1
Explain what malware is including its history
9.4.2
Review and define the most common malware terminologies
9.4.3
Describe the ways and methods malware is spread
9.4.4
Review the types of malware specifically examining viruses, worms, trojan horses, rootkits ransomware, keyloggers, and grayware attack
9.4.5
Choose one malware scenario and select the appropriate type of mitigation and deterrent techniques
9.4.6
Use appropriate tools and techniques to eliminate malware from spreading
10.1.1
Explain Artificial Intelligence (AI), potential applications, concerns, and opportunities in relation to security issues
10.1.2
Describe machine learning and potential applications, concerns, and opportunities
10.1.3
Explain the role of ethics as it relates to security and emerging technologies
10.2.1
Describe job skills needed for potential careers in new and emerging technologies
10.2.2
Explore potential uses for and industries that may use emerging technologies